Arnotic (@arnotic)'s Twitter Profile
Arnotic

@arnotic

Reverse engineering, Pentest, Infosec, RE, HTB Player, CTF Player

ID: 119885712

Link: https://www.arnotic.com

Date: 04-03-2010 21:30:00

213 Tweet

57 Followers

847 Following

Arsenii P (@ars3n11)

MineSweeper - a tool for Windows user-land hooks manipulation. - enumerate - unhook - re-hook - supports any x64/x86 Windows DLL - x64 -> x86 support - available byte-by-byte comparison - cautious (self-unhook first) mode - written in C github.com/ars3n11/MineSw…

aas (@aas_s3curity)

Curated lists of binaries or security tools that can be used to bypass local security restrictions in misconfigured systems or against AD. 👉 Unix (GTFOBINS) gtfobins.github.io 👉 Windows (LOLBAS) lolbas-project.github.io 👉 AD (WADComs) wadcoms.github.io

siri@fu4k1 (@sirifu4k1)

Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation. github.com/XaFF-XaFF/Cron…

Norbert Tihanyi, PhD (@tihanyinorbert)

The original PowerSploit minidump is already detected by 23 AV. The well-known taskmanager "create dump file" also immediately blocked by Win11 defender. I just released a currently undetected ps1 lsass dump based on Matt Graeber script. Added to github.com/tihanyin/PSSW1…

Bonfee (@bonfee1)

The bug was assigned CVE-2022-0995. Here is the exploit: github.com/Bonfee/CVE-202…. 1 bit oob write is all it takes :)

Ankit Anubhav (@ankit_anubhav)

if AV == Defender { Create folder C:\Windows \System32 (notice extra space after windows) Copy legit winsat.exe Download malicious DLL with legit name "version.dll" Side load it into winsat.exe } #BlindEagle #APTC36 bazaar.abuse.ch/sample/b391b28… Thx @Mag3niso proxylife Germán Fernández !

rootsecdev (@rootsecdev)

It’s tool time Tuesday. One of my favorite tools to exfil data from windows..natively. Nothing needs to be on the target. GitHub - SafeBreach-Labs/SimpleBITSServer: A simple python implementation of a BITS server. github.com/SafeBreach-Lab…

Hossein NafisiAsl (@meashacker_hna)

With #CVE-2022-29072 you can gain SYSTEM privilege in victim system when he has 7zip 😎🥳 github.com/kagancapar/CVE… #Windows #PrivilegeEscalation #RedTeam

Michael Maltsev (@m417z)

Check out the new blog post about my journey in implementing the technical aspects of Windhawk - implementing global injection and hooking in Windows. m417z.com/Implementing-G…

Mehmet Iyigun (@mamyun)

I'm looking for talented software engineers for multiple positions in the Windows Kernel team to create the best platform for Azure, Xbox, HoloLens and Desktop. linkedin.com/feed/update/ur…

Erwan Grelet (@ergrelet)

unlicense - A dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x. Version 0.2.0 has been released. It adds support for DLL unpacking, .NET assembly unpacking (EXE only) and fixes a bug with some 2.x-packed EXEs. github.com/ergrelet/unlic…

William Burgess (@joehowwolf)

Ever wanted to make your sketchy sys calls look squeaky clean? I wrote a blog demonstrating a PoC which calls NtOpenProcess to grab a handle to lsass with an arbitrary/spoofed call stack: labs.withsecure.com/blog/spoofing-… PoC: github.com/countercept/Ca…

S3cur3Th1sSh1t (@shitsecure)

Just added the two new AMSI bypass PoC's via Provider Patching into my Amsi-Bypass-Powershell repo. Plus one PoC in Nim as pull request for OffensiveNim: github.com/S3cur3Th1sSh1t… github.com/byt3bl33d3r/Of… Tested both, works perfectly fine. 👌 (1/2)

Justine Tunney (@justinetunney)

We've just created a 116kb WASM build of Blink that lets you run x86_64 Linux binaries in the browser. It supports 500 instructions and 130 system calls. github.com/jart/blink/iss…

0xor0ne (@0xor0ne)

Reverse engineering the runtime code integrity protection of Call of Duty: Black Ops 3 Blog post by Maurice Heumann buff.ly/3Xwv5N #reverseengineering
